package com.usian.security.expression;

import cn.hutool.core.util.StrUtil;
import com.usian.security.entity.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.beans.PersistenceDelegate;
import java.util.List;

/**
 * ClassName: CustomSecurityExpressionRoot
 * Author:   WGG
 * Date:    2022-12-2022/12/21-16:07
 * Version: 1.0
 * Description:
 */

/**
 * 将用户的权限和请求路径中的权限进行对比
 */
@Component("customExpression")
public class CustomSecurityExpressionRoot {
    public final boolean hasAuthority(String per){
        //从redis中获取用户权限，或者SecurityContextHolder中获取
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        List<String> permissions = loginUser.getPermissions();
        for (String permission : permissions) {
            if (StrUtil.contains(permission,per)){
                return true;
            }
        }
        return false;
    }
}
